Endpoint Encryption

Data protection with encryption for desktops, laptops, and removable media


The proliferation of data and devices in today’s enterprises has increased the complexity of protecting confidential data, meeting compliance mandates, and preventing costly data breaches. These challenges are further amplified as more and more employees bring their own computing devices to work. Ensuring that sensitive data is secured in the case of device loss has never been more difficult.

Trend Micro™ Endpoint Encryption encrypts data on a wide range of devices — both PCs and Macs, laptops and desktops, USB drives, and other removable media. This solution combines enterprise-wide full disk, file/folder, and removable media encryption to prevent unauthorized access and use of private information. A single, well-integrated management console allows you to manage your users holistically—using the same console for endpoint protection and other Trend Micro security products. Deploying Trend Micro Endpoint Encryption helps ensure that your data will continue to be protected as your mobile computing devices and organizational needs change.

Download  Datasheet


Software & Hardware

Protection Points

  • Laptops, desktops
  • Removable media: USB/CD/DVD
  • Files and file volumes (folders)


Threat Protection

  • Privacy
  • Data protection
  • Regulatory compliance
  • Securing Intellectual property

Maximize Platform Coverage for Data and Device Encryption

Get comprehensive data protection on Macs and PC laptops, desktops, removable media, and mobile devices

Lower TCO with Centralized Policy Administration and Transparent Key Management

Save more with an integrated solution that makes it easy to deploy, configure, and manage encryption

Simplify Remote Device Management


Key features

Advanced Reporting and Auditing

  • Unify visibility and policy deployment with other Trend Micro products through integration with Trend Micro Control Manager
  • Automate enforcement of regulatory compliance with policy-based encryption
  • Receive detailed auditing and reporting by individual, organizational unit, and device
  • Assist compliance initiatives with audit trail for all administrative actions
  • Demonstrate compliance on demand with real-time auditing

Administrative Tools and Active Directory Integration

  • Provide remote one-time passwords across all endpoint client applications 
  • Manage users and groups from multiple Active Directory domains in a single console, simplifying the existing IT infrastructure for deployment and management
  • Gain access to recovery console in the Windows preboot

Pre-Boot Authentication

  • Gain flexible authentication, including Active Directory integration, fixed password, and multi-factor authentication for Government and Defense customers
  • Ensure that lost or stolen devices can be remotely wiped or locked before they can boot using network-aware (WiFi and Ethernet)
  • Enable policy updates prior to authentication
  • Trigger lockout feature in response to incorrect authentication attempts
  • Configure actions on failed password attempt threshold
  • Support multiple user and administrator accounts per device

Support for a Consumerized Environment

  • Provide management and visibility for Microsoft BitLocker, especially useful for employee-owned devices where corporate data needs to be protected.
  • Provide visibility and management of Apple FileVault to enforce policies on Macs, and protect them in case of loss or theft.


Key Benefits
  • Helps ensure privacy and compliance enforcement with policy-based encryption
  • Lowers TCO with simplified deployment, configuration, and management
  • Provides comprehensive data security for laptops, desktops, removable media, and mobile devices
  • Helps ensure robust security through certifications including FIPS 140-2 certification
  • Maintains compliance and protects your data without disrupting users with remote management

* Management for Microsoft Bitlocker and Apple FileVault is included with Trend Micro Endpoint Encryption.

Endpoint Encryption is a critical component of our Smart Protection Suites, which deliver even more data protection capabilities like data loss prevention (DLP) and device control but also gateway, mobile device, and endpoint with our XGen™ security-optimized threat protection capabilities like file reputation, machine learning, behavioral analysis, exploit protection, application control, and intrusion prevention (vulnerability protection). Additional Trend Micro solutions extend your protection from advanced attacks with endpoint investigation and detection. Plus, Trend Micro™ Deep Discovery™ network sandboxing delivers rapid response (real-time signature updates) to endpoints when a new threat is detected locally, enabling faster time-to-protection and reducing the spread of malware. All of this modern threat security technology is made simple for your organization with central visibility, management, and reporting.

System Requirements

Minimum recommended server requirements

  • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016 (64-bit only)
  • Physical or virtual server with 2.2 GHz Xeon Quad Core or above; 1 available vCPU
  • 8 GB RAM
  • 120 GB hard disk space

  • Windows 7, 8, 8.1, 10
  • Windows Embedded POSReady 7
  • Intel Core 2 Duo 2.0 GHz processor and above
  • 1 GB RAM
  • 30 GB hard disk, 20% free space
  • Windows 7,8,8.1, 10
  • Windows  Embedded POSReady 7
  • Intel Core 2 Duo 2.0 GHz processor and above
  • 1 GB RAM
  • TPM 1.2 or higher
  • 30 GB hard disk with 20% free space
  • macOS 10.8, 10.9, 10.10, 10.11, 10.12
  • Intel Core 2 Duo 2.0 GHz processor and above
  • 2 GB RAM
  • 8 GB hard disk, 400 MB free space